Re: [clamav-users] FreshClam - DNS issues since October 31st

2017-11-09 Thread Al Varnell
As you probably already know, in past discussions of the US round robin it was revealed that there weren't enough US mirrors to support the demand and that was the primary reason for including low demand off-shore servers as supplements to handle the over-flow. I don't know whether that situatio

Re: [clamav-users] Freshclam Fails

2017-11-09 Thread Krishnakumar Nair
Is there any possible cause from clamav end ?? it was working fine. Thanks & Regards, kk On Fri, Nov 10, 2017 at 9:58 AM, Joel Esler (jesler) wrote: > Looks like your machine can’t contact database.clamav.net database.clamav.net> > > Sent from my iPhone > > On Nov 9, 2017, at 11:24 PM, Krishnak

Re: [clamav-users] FreshClam - DNS issues since October 31st

2017-11-09 Thread Dennis Peterson
Any chance you can remove 128.199.133.36  from the US round robin? It's a long way from Kansas. dp On 11/8/17 7:50 AM, Joel Esler (jesler) wrote: The team working on these issues is seeing these emails, so it’s good that you are writing in, if you are still experiencing issues. __

Re: [clamav-users] Freshclam Fails

2017-11-09 Thread Joel Esler (jesler)
Looks like your machine can’t contact database.clamav.net Sent from my iPhone On Nov 9, 2017, at 11:24 PM, Krishnakumar Nair mailto:krnair...@gmail.com>> wrote: Hi Guys, any idea on this, clamav running in aix box. WARNING: Can't get information about database.cla

[clamav-users] Freshclam Fails

2017-11-09 Thread Krishnakumar Nair
Hi Guys, any idea on this, clamav running in aix box. WARNING: Can't get information about database.clamav.net: Hostname and service name not provided or found WARNING: getpatch: Can't download main-58.cdiff from database.clamav.net ERROR: Can't get information about database.clamav.net: Hostname

Re: [clamav-users] Quick question...

2017-11-09 Thread Eric Tykwinski
Ran it through LibreOffice to extract anything, but I’m not an expert. Only thing I saw was a suspicious macro: https://pastebin.com/5Mdfjy3m Submitted to Talos, so if they find something more, I hope it helps. Sincerely, Eric Tykwinski TrueNet, Inc. P: 610-429-83

Re: [clamav-users] Quick question...

2017-11-09 Thread Al Varnell
On Nov 9, 2017, at 3:23 PM, Eric Tykwinski wrote: > Does anyone know if the DDE payloads in Word documents are getting caught? > > I had a customer with a very strange virus, basically it downloaded his inbox > and was responding to recipients with an attached Word document. > This was coming fr

[clamav-users] Quick question...

2017-11-09 Thread Eric Tykwinski
Does anyone know if the DDE payloads in Word documents are getting caught? I had a customer with a very strange virus, basically it downloaded his inbox and was responding to recipients with an attached Word document. This was coming from a botnet with the "EHLO localhost” signature. Spam filte

Re: [clamav-users] FreshClam - DNS issues since October 31st

2017-11-09 Thread Noel Jones
Getting errors off-and-on since about 3am CDT today. But working right now. Obviously something still not right. -- Noel Jones On 11/8/2017 2:51 PM, Noel Jones wrote: > It's working now. The last error in the log was about 30 minutes > after the report below. > > Thanks. > > Location i

Re: [clamav-users] FreshClam - DNS issues since October 31st

2017-11-09 Thread Simon Mousey Smith
Hi, We started seeing the same problem here It was fine during the night but then this morning started again with the WARNING messages? [root@mailgw ~]# host -t txt current.cvd.clamav.net current.cvd.clamav.net descriptive text "0.99.2:58:24027:1510207861:1:63:46632:318" [root@mailgw ~]# date

Re: [clamav-users] FreshClam - DNS issues since October 31st

2017-11-09 Thread Adolf Belka
I am still seeing the message. Periodically it stops and when I check that is when the time from the DNS record has become closer to my computers time but then the delta progressively increases and exceeds the 3 hours and the message starts again. Today it started again at 10:12 (Netherlands ti